Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69753A7AB21411EF9EB4B486762E951A.roa
File: 69753A7AB21411EF9EB4B486762E951A.roa (raw, json)
Hash identifier: 5rCpWJKSNxENu2JFY+zYQz1jT6bky4DRxxSLYb0DqLY=
Subject key identifier: 5D:48:DC:8E:E6:60:0E:DE:1D:D8:FE:3D:8F:6D:75:51:D3:2A:64:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0117CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69753A7AB21411EF9EB4B486762E951A.roa
Signing time: Wed 04 Dec 2024 07:50:21 +0000
ROA not before: Wed 04 Dec 2024 07:50:17 +0000
ROA not after: Fri 24 Oct 2025 07:50:17 +0000
asID: 53835
IP address blocks: 154.196.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71626 (0x117ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 4 07:50:17 2024 GMT
Not After : Oct 24 07:50:17 2025 GMT
Subject: CN=675009bd-140c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c9:ae:70:e7:a9:2d:10:2e:3a:a7:6c:a9:ab:
77:ff:a8:a5:9c:be:34:7c:4e:4b:e4:44:98:19:d0:
55:c4:21:fc:67:d1:ff:ac:58:76:ef:95:05:43:24:
61:d2:be:53:51:89:e2:ac:95:ad:86:22:6d:4f:b7:
7d:43:c4:fa:96:0f:36:2f:fd:67:e3:ec:99:cf:f7:
6c:bf:e3:20:7c:ec:95:bc:17:08:15:4f:1e:6a:b4:
f4:14:4d:fb:3c:3a:67:4d:19:13:aa:ef:e2:e5:d0:
69:b8:cb:d8:57:c0:f2:d5:4d:96:eb:62:9f:41:5f:
50:8d:55:2d:65:92:db:16:03:a7:ee:05:e0:c9:50:
08:b5:d2:7a:f8:b7:d3:e8:5f:51:15:5d:30:55:5d:
26:8a:41:fc:b5:e5:c2:a6:d9:53:c7:e0:1c:8f:ec:
df:87:2e:a4:76:ba:1c:ec:1b:c0:ce:c5:18:56:d7:
88:c9:a9:b4:0c:57:6b:30:17:0c:f7:62:33:45:18:
7a:1c:78:52:6c:b0:3a:65:b5:c5:fa:0a:42:c2:31:
3d:7b:03:60:ed:be:e4:71:65:63:31:47:54:ba:b6:
ab:97:5b:56:64:a5:83:19:78:b7:1d:a8:9c:a5:6e:
cd:3e:3c:ee:14:f4:13:9b:87:8a:73:5f:0b:f1:da:
32:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:48:DC:8E:E6:60:0E:DE:1D:D8:FE:3D:8F:6D:75:51:D3:2A:64:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69753A7AB21411EF9EB4B486762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.244.0/24
Signature Algorithm: sha256WithRSAEncryption
85:be:20:19:96:cb:6e:00:14:70:3f:ae:f1:3f:5f:8a:cf:d3:
10:54:1a:83:d4:8d:55:57:ee:f5:b2:4f:bf:e3:cc:27:c4:a0:
b5:78:08:4e:09:b3:e0:66:1a:d4:9d:4c:d6:1e:39:be:42:bf:
52:b7:8e:90:bc:7f:4e:22:cc:2d:73:b4:29:6a:45:da:65:64:
da:f1:ca:d8:e2:a8:1a:f2:6c:32:83:7b:44:d3:e2:44:8b:89:
10:f9:d5:60:1f:7c:50:58:17:92:68:fb:fc:bc:0a:9f:ad:04:
80:07:c7:85:c8:4d:bc:3b:00:d3:0b:e1:49:c4:45:db:b6:08:
54:f9:20:1d:b5:2e:69:c6:19:4f:cb:ec:c4:b6:17:9c:8e:85:
48:82:38:0c:d9:4a:0e:bb:ce:94:49:1e:6a:14:63:2f:af:40:
57:83:4d:e8:08:ee:cf:e2:9e:eb:6c:74:14:3a:3a:bc:39:18:
2f:34:da:a4:e0:6e:a8:5b:5c:76:2a:5f:5e:01:1d:de:b5:db:
13:f9:32:b4:16:b8:fa:e4:3b:2e:6c:b1:b7:ea:2b:ba:fc:59:
3d:0c:f9:c9:cc:c6:aa:5c:a3:4d:0b:e1:d8:d9:6a:a1:7a:9d:
ec:c4:c2:a4:79:89:e2:0d:c9:ae:c5:a6:78:38:b3:b2:8f:af:
41:7a:85:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARfKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA0MDc1MDE3WhcNMjUxMDI0MDc1MDE3WjAYMRYw
FAYDVQQDEw02NzUwMDliZC0xNDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzMmucOepLRAuOqdsqat3/6ilnL40fE5L5ESYGdBVxCH8Z9H/rFh275UF
QyRh0r5TUYnirJWthiJtT7d9Q8T6lg82L/1n4+yZz/dsv+MgfOyVvBcIFU8earT0
FE37PDpnTRkTqu/i5dBpuMvYV8Dy1U2W62KfQV9QjVUtZZLbFgOn7gXgyVAItdJ6
+LfT6F9RFV0wVV0mikH8teXCptlTx+Acj+zfhy6kdroc7BvAzsUYVteIyam0DFdr
MBcM92IzRRh6HHhSbLA6ZbXF+gpCwjE9ewNg7b7kcWVjMUdUurarl1tWZKWDGXi3
HaicpW7NPjzuFPQTm4eKc18L8doyQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF1I
3I7mYA7eHdj+PY9tdVHTKmS2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTc1M0E3QUIyMTQxMUVGOUVCNEI0ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsT0MA0GCSqGSIb3DQEB
CwUAA4IBAQCFviAZlstuABRwP67xP1+Kz9MQVBqD1I1VV+71sk+/48wnxKC1eAhO
CbPgZhrUnUzWHjm+Qr9St46QvH9OIswtc7QpakXaZWTa8crY4qga8mwyg3tE0+JE
i4kQ+dVgH3xQWBeSaPv8vAqfrQSAB8eFyE28OwDTC+FJxEXbtghU+SAdtS5pxhlP
y+zEthecjoVIgjgM2UoOu86USR5qFGMvr0BXg03oCO7P4p7rbHQUOjq8ORgvNNqk
4G6oW1x2Kl9eAR3etdsT+TK0Frj65DsubLG36iu6/Fk9DPnJzMaqXKNNC+HY2Wqh
ep3sxMKkeYniDcmuxaZ4OLOyj69BeoXB
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:53 2025 by rpki-client